I have a virtual machine with Windows Server R2 Ent.
In this machine runned domain controler test.local. I have admin(doamin and local) account on this machine.
I want to get access to event log of this machine from my dev machine which is on my corporate domain(these domains doesn't know about each other).
I could connect to VM through RDP by using its IP, but when I try to Connect in eventViewer to VM by using IP and using admin credantials it says that "The RPC service is not available". I gues that some security policy has been applied, but may I wrong.

So the question is, how to connect to event log on remote machine if I have:
machine IP,
machine domain name,
machine domain admin credentials,
I connect from other domain?

If it possible maybe someone can point me how to do this. (If it will be Powershell sniplet it would be great).

1 Answer
1

However, it sounds like there is a firewall in place between your dev machine and the destination machine that is blocking the RPC ports for remote event viewer access.

Take a look at this TechNet article regarding allowing dynamic RPC network traffic through Windows Firewall, if that is what the remote machine is using.

If you have a hardware or other firewall that is blocking the traffic, you'll need to open up port 135 as well as some portion of the dynamic RPC port range (49152-65535 in Server 2008). You can restrict the dynamic port range and find further info in this Microsoft KB article. If I recall correctly, the minimum range size is 255 ports, but that may no longer be accurate. This KB article is a great reference for port ranges for Windows services and applications.